CVE-2016-2404

{"id": "CVE-2016-2404", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.6}]}, "published": "2017-04-02T20:59:00.860", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160217-01-switch-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Huawei switches S5700, S6700, S7700, S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 with software V200R005C00SPC500, V200R006C00; ACU2 with software V200R005C00SPC500, V200R006C00 have a permission control vulnerability. If a switch enables Authentication, Authorization, and Accounting (AAA) for permission control and user permissions are not appropriate, AAA users may obtain the virtual type terminal (VTY) access permission, resulting in privilege escalation."}, {"lang": "es", "value": "Switches Huawei S5700, S6700, S7700, S9700 con software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300, V200R005C00SPC500, V200R006C00; S12700 con software V200R005C00SPC500, V200R006C00; ACU2 con software V200R005C00SPC500, V200R006C00 tiene una vulnerabilidad de control de permisos. Si un switch habilita Authentication, Authorization y Accounting (AAA) para el control de permisos y los permisos de usuario no son apropiados, los usuarios AAA pueden obtener el permiso de acceso al terminal de tipo virtual (VTY), resultando en una escalada de privilegios."}], "lastModified": "2017-04-11T01:11:21.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "121BEE57-945E-4368-8AE4-4A823D70D31C"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBC629F6-BF42-4C2B-8CB1-2C4412C8D95A"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEC329F7-D83F-4119-B8CA-CC819EC872CB"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B3B076D-F61E-4BE0-B808-D86EB6A83D92"}, {"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AF84CB7-7EC9-4978-A4F6-FD5746AF1CE9"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFFF09EB-AA08-4204-B028-182933EC9700"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D5033F0-7E4F-431A-B4EA-E5D5D1FCFE5E"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96FF5103-C97A-443A-8475-0E99A0175455"}, {"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FD4718F-473A-490E-8DFC-6A09FECDDD90"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07A44DEA-AB17-48F4-87C1-B3B6088BCD82"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEBEE7C8-0AB6-4BCE-A2C1-6A4CB4BF68AB"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CE013D0-4D00-46E1-9F7F-6711DCC9B8BD"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "741262BB-C214-482D-A7BE-A480A985258B"}, {"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4EE71EF-90D8-40C6-9E80-A543ED32E976"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00spc100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5C9C9CF-A5E1-4461-8B1E-1C572BB3D59A"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C892C736-F14F-4A3F-9645-CB74A289DA36"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2D737B8-3A28-4465-A394-E2D5DA8C1927"}, {"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "790FC933-C4E3-471A-B1C1-8E7ECD93748F"}, {"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6F2C4C7-3438-42B8-8999-C17E45C8CF49"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:acu2_firmware:v200r005c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8307595-31A7-4077-89E6-B4864B22C701"}, {"criteria": "cpe:2.3:o:huawei:acu2_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC1428EF-A60D-4EC8-92F2-64CAD7687D3E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:acu2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BF525629-AD0D-4CDC-A979-712C841FF7C6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}